-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/8/10 2:48 PM, Paul Wouters wrote: > On Fri, 8 Oct 2010, Nathanael D. Noblet wrote: > >> On 10/07/2010 10:58 PM, Paul Wouters wrote: >>> One usage of yubikey I would like very much is as storage for the AES >>> encryption key for disk encryption. I'd prefer the disk crypto key to >>> not be on the disk at all, protected by just a passphrase. It would be >>> nice to have it on a yubikey instead. >> >> I just ordered a yubikey for this express purpose, we have a product >> under development that has an encrypted partition that gets decrypted by >> a key on a USB thumbdrive - not the best... When I saw these I >> immediately thought I should see about getting them used to unlock >> encrypted partitions!... I'll keep you informed. > > Note that yubikeys are not (yet) usable for this. You cannot request the > AES key from it (AFAIK), only an OTP. And the OTP can also not be used to unlock > an AES key on the harddisk because it is different for each activation. > > Paul Can't you use one of the slots on newer yubikeys for a static (long) passphrase? - -- Jesse Keating Fedora -- Freedom² is a feature! identi.ca: http://identi.ca/jkeating -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyvlPcACgkQ4v2HLvE71NUU6QCfVhnyXcanEfFYtfezMSMP/Vp1 Xd8AnjTo9+aJRsY3v+Sb5UmJ3LgY1lDl =HbZS -----END PGP SIGNATURE----- -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
